During design, the architect should look at what parts of the system need restricted access, and which parts can be less protected. For example, everyone can have read access to the public web page of the company, but only authorized individuals can edit the content.
To help with the decisions to be taken and to detect weaknesses in the design a threat model should be created as documented for example here at OWASP.
Such a threat model is invaluable when designing a secure application as it sheds a light on different perspectives of the system under development, like the assets in question, trust levels, entry points and data flows. So you can easily spot weaknesses and possible attack scenarios for your application.
A threat model is something also used by serious pentesters and hackers in the first phase of a test or attack: collecting information and putting it all together to detect possible weaknesses.